Enable Microsoft Sentinel
Microsoft Sentinel is a feature that can enable on Azure cloud, providing SIEM capabilities on Azure cloud infrastructure. In this article, I will walk you through how to enable the Sentinel feature on your Azure infrastructure.
01. Log into https://portal.azure.com/
02. Search Sentinel in the search bar and click on Microsoft Sentinel
03. Click, Create Microsoft Sentinel
04. Now it will ask to create a new workspace
05. Create a Log Analytics workspace. Select the Subscription, and Resource group and provide Instance details. Click Review and Create. Optionally you can create tags.
06. Once it is passed the validation click Create
07. It will show the deployment status on the notification bar
I hope you found this article useful. In the next article, let’s review how to manage Sentinel. To view my other Microsoft posts click here.